--- a/slides04.tex Tue Oct 16 08:52:23 2012 +0100
+++ b/slides04.tex Tue Oct 16 12:10:35 2012 +0100
@@ -109,7 +109,7 @@
\frametitle{Unix-Style Access Control}
\begin{itemize}
-\item Q: ``I am using Windows. Why should I care?'' \\ A: In Windows you have:
+\item Q: ``I am using Windows. Why should I care?'' \\ A: In Windows you have similar groups:
\begin{center}
\begin{tabular}{l}
@@ -122,7 +122,7 @@
\end{tabular}
\end{center}\medskip
-\item Modern versions of Windows have more fine-grained AC; they do not have a setuid bit, but
+\item Modern versions of Windows have more fine-grained AC than Unix; they do not have a setuid bit, but
have \texttt{runas} (asks for a password).\pause
\item OS provided access control can \alert{add} to your
@@ -144,6 +144,7 @@
\draw[line width=1mm] (-.3, 0) rectangle (1.5,2);
\draw (4.7,1) node {Internet};
+ \draw (-2.7,1.7) node {\footnotesize Application};
\draw (0.6,1.7) node {\footnotesize Interface};
\draw (0.6,-0.4) node {\footnotesize \begin{tabular}{c}unprivileged\\[-1mm] process\end{tabular}};
\draw (-2.7,-0.4) node {\footnotesize \begin{tabular}{c}privileged\\[-1mm] process\end{tabular}};
@@ -179,10 +180,10 @@
\begin{textblock}{11}(10.5,10.5)
\small
To take an action you\\[-1mm]
-need either:
+need at least either:
\begin{itemize}
\item 1 CEO\\[-5mm]
-\item 2 MDs\\[-5mm]
+\item 2 MDs, or\\[-5mm]
\item 3 Ds
\end{itemize}
\end{textblock}
@@ -195,6 +196,8 @@
\begin{frame}[c]
\frametitle{Lessons from Access Control}
+Not just restricted to Unix:
+
\begin{itemize}
\item if you have too many roles (i.e.~too finegrained AC), then
hierarchy is too complex\\
@@ -256,7 +259,7 @@
{\normalsize\color{darkgray}
\begin{minipage}{9cm}\raggedright
To prevent this kind of attack, you need additional
-policies.
+policies (don't do such operations as root).
\end{minipage}};
\end{tikzpicture}
\end{textblock}}
@@ -270,6 +273,8 @@
\begin{frame}[c]
\frametitle{\begin{tabular}{@ {}c@ {}}Schneier Analysis\end{tabular}}
+\textcolor{gray}{There is no absolutely secure system and security almost never comes for free.}
+
\begin{itemize}
\item What assets are you trying to protect?
\item What are the risks to these assets?
@@ -278,7 +283,6 @@
\item What costs and trade-offs does the security solution impose?
\end{itemize}
-\textcolor{gray}{There is no absolutely secure system and security almost never comes for free.}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -428,10 +432,10 @@
\frametitle{\begin{tabular}{@ {}c@ {}}Security Seals (2)\end{tabular}}
\begin{itemize}
-\item at the Argonne National Laboratory they tested 244 different security seals (including 19\%
-that were used for safeguard of nuclear material)
+\item at the Argonne National Laboratory they tested 244 different security seals
\begin{itemize}
-\item mean time to break the seals for a trained person: 100 s
+\item meantime to break the seals for a trained person: 100 s
+\item including 19\% that were used for safeguard of nuclear material
\end{itemize}\bigskip
\item Andrew Appel defeated all security seals which were supposed to keep
@@ -470,7 +474,7 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[t]
-\frametitle{\begin{tabular}{@ {}c@ {}}Ex: Security Seals\end{tabular}}
+\frametitle{\begin{tabular}{@ {}c@ {}}Example: Security Seals\end{tabular}}
\begin{itemize}
\item<1->What assets are you trying to protect?\\
@@ -511,7 +515,7 @@
Not really. The source code can be reverse engineered, stolen\ldots{}\end{tabular}}
\item<4->What other risks does the security solution cause?
\only<4>{\begin{tabular}{@{\hspace{1cm}}p{9cm}}\raggedright You prevent
-scrutiny and independent advice. You also more likely than not,
+scrutiny and independent advice. You also more likely than not
get it wrong.\end{tabular}}
\item<5>[]{\bf\large No!}
\end{itemize}
@@ -643,7 +647,6 @@
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
-
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[t]
@@ -689,14 +692,14 @@
\begin{itemize}
-\item The Netherlands, between 1997 - 2006 had electronic voting machines\\
-\textcolor{gray}{(it has been found that they could be hacked and emitted radio signals)}
+\item The Netherlands between 1997 - 2006 had electronic voting machines\\
+\textcolor{gray}{(hacktivists had found that they could be hacked and emitted radio signals revealing how you voted)}
-\item Germany, had been used in pilot studies\\
+\item Germany had used them in pilot studies\\
\textcolor{gray}{(in 2007 a law suit has reached the highest court and it rejected electronic voting
on the grounds of not being understandable by the general public)}
-\item UK, used optical scan voting systems in a few polls
+\item UK used optical scan voting systems in a few polls
\end{itemize}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -708,16 +711,16 @@
\mbox{}\\[-12mm]
\begin{itemize}
-\item US, used mechanical machines since the 50s, later punch cards, DREs and
-optical scan voting machines \textcolor{gray}{(fantastic ``ecosystem'' for research)}
+\item US used mechanical machines since the 50s, later punch cards, now DREs and
+optical scan voting machines \textcolor{gray}{(fantastic ``ecosystem'' for study)}
\item Estonia used in 2007 the world's first Internet vote in national elections (there are earlier pilot studies)
-\item India, the biggest democracy uses e-voting devices since at least 2003\\
-\textcolor{gray}{(keep-it-simple machines produced by a government owned company)}
+\item India uses e-voting devices since at least 2003\\
+\textcolor{gray}{(``keep-it-simple'' machines produced by a government owned company)}
-\item South Africa used software for its tallying in the 1993 elections (Nelson Mandela)
-\textcolor{gray}{(they found the software was rigged, but they were able to manually tally)}
+\item South Africa used software for its tallying in the 1993 elections (when Nelson Mandela was elected)
+\textcolor{gray}{(they found the tallying software was rigged, but they were able to tally manually)}
\end{itemize}
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -734,9 +737,12 @@
\item show of hands
\item ballots on pieces of pottery
\item different colours of stones
-\item ``facebook''-like autorisation
+\item ``facebook''-like authorisation
\end{itemize}\bigskip
+\textcolor{gray}{problems with vote buying / no ballot privacy}\bigskip
+
+
\item French Revolution and the US Constitution got things ``started'' with
paper ballots (you first had to bring your own, or later were pre-printed by the parties)
\end{itemize}
@@ -746,6 +752,27 @@
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
\mode<presentation>{
\begin{frame}[t]
+\frametitle{\begin{tabular}{@ {}c@ {}}Ballot Boxes\end{tabular}}
+
+Security policies involved with paper ballots:
+
+\begin{enumerate}
+\item you need to check that the ballot box is empty at the start of the poll / no false bottom (ballot stuffing)
+\item you need guard the ballot box during the poll
+\item tallied by a team at the end of the poll (you can have observers)
+\end{enumerate}
+
+\begin{center}
+\includegraphics[scale=1.5]{pics/ballotbox.jpg}
+\end{center}
+
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[t]
\frametitle{\begin{tabular}{@ {}c@ {}}Paper Ballots\end{tabular}}
What can go wrong with paper ballots?
@@ -798,6 +825,8 @@
}
\end{itemize}
+
+
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
@@ -814,6 +843,80 @@
\end{tabular}
\end{center}
+\only<1->{
+\begin{textblock}{5.5}(1,4)
+DREs
+\end{textblock}}
+\only<1->{
+\begin{textblock}{5.5}(1,11)
+Optical Scan
+\end{textblock}}
+
+\only<2>{
+\begin{textblock}{5.5}(0.5,14.5)
+all are computers
+\end{textblock}}
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{\begin{tabular}{@ {}c@ {}}DREs\end{tabular}}
+
+Direct-recording electronic voting machines\\
+(votes are recorded for example memory cards)
+
+typically touchscreen machines
+
+usually no papertrail (hard to add: ballot secrecy)
+
+\begin{center}
+\includegraphics[scale=0.56]{pics/dre1.jpg}
+\end{center}
+
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{\begin{tabular}{@ {}c@ {}}Diebold Machines\end{tabular}}
+
+The work by J.~Alex Halderman:
+
+\begin{itemize}
+\item acquired a machine from an anonymous source\medskip
+\item the source code running the machine was tried to keep secret\medskip\pause
+
+\item first reversed-engineered the machine (extremely tedious)
+\item could completely reboot the machine and even install a virus that infects other Diebold machines
+\item obtained also the source code for other machines
+\end{itemize}
+
+
+\end{frame}}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\mode<presentation>{
+\begin{frame}[c]
+\frametitle{\begin{tabular}{@ {}c@ {}}Diebold Machines\end{tabular}}
+
+The work by J.~Alex Halderman:
+
+\begin{itemize}
+\item acquired a machine from an anonymous source\medskip
+\item the source code running the machine was tried to keep secret\medskip\pause
+
+\item first reversed-engineered the machine (extremely tedious)
+\item could completely reboot the machine and even install a virus that infects other Diebold machines
+\item obtained also the source code for other machines
+\end{itemize}
+
+
\end{frame}}
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%